forked from community/device-mgt-core
parent
aeed8b92a1
commit
fd84190342
@ -0,0 +1,152 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>certificate-mgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<packaging>bundle</packaging>
|
||||
<name>WSO2 Carbon - Certificate Management Core</name>
|
||||
<description>WSO2 Carbon - Certificate Management Core</description>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-scr-plugin</artifactId>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-bundle-plugin</artifactId>
|
||||
<version>1.4.0</version>
|
||||
<extensions>true</extensions>
|
||||
<configuration>
|
||||
<instructions>
|
||||
<Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
|
||||
<Bundle-Name>${project.artifactId}</Bundle-Name>
|
||||
<Bundle-Version>${carbon.device.mgt.version}</Bundle-Version>
|
||||
<Bundle-Description>Device Management Core Bundle</Bundle-Description>
|
||||
<Private-Package>org.wso2.carbon.certificate.mgt.core.internal</Private-Package>
|
||||
<Import-Package>
|
||||
org.osgi.framework,
|
||||
org.osgi.service.component,
|
||||
org.apache.commons.logging,
|
||||
javax.security.auth.x500,
|
||||
javax.xml.parsers,
|
||||
org.apache.commons.codec.binary,
|
||||
org.bouncycastle.asn1,
|
||||
org.bouncycastle.asn1.x500,
|
||||
org.bouncycastle.asn1.x509,
|
||||
org.bouncycastle.cert,
|
||||
org.bouncycastle.cert.jcajce,
|
||||
org.bouncycastle.cms,
|
||||
org.bouncycastle.jce.provider,
|
||||
org.bouncycastle.operator,
|
||||
org.bouncycastle.operator.jcajce,
|
||||
org.bouncycastle.pkcs,
|
||||
org.bouncycastle.util,
|
||||
org.jscep.message,
|
||||
org.jscep.transaction,
|
||||
org.w3c.dom,
|
||||
org.xml.sax
|
||||
</Import-Package>
|
||||
<Export-Package>
|
||||
!org.wso2.carbon.certificate.mgt.core.internal.*,
|
||||
org.wso2.carbon.certificate.mgt.core.dto.*,
|
||||
org.wso2.carbon.certificate.mgt.core.exception.*,
|
||||
org.wso2.carbon.certificate.mgt.core.impl.*,
|
||||
org.wso2.carbon.certificate.mgt.core.service.*,
|
||||
org.wso2.carbon.certificate.mgt.core.util.*
|
||||
</Export-Package>
|
||||
</instructions>
|
||||
</configuration>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<version>2.18</version>
|
||||
<configuration>
|
||||
<systemPropertyVariables>
|
||||
<log4j.configuration>file:src/test/resources/log4j.properties</log4j.configuration>
|
||||
</systemPropertyVariables>
|
||||
<suiteXmlFiles>
|
||||
<suiteXmlFile>src/test/resources/testng.xml</suiteXmlFile>
|
||||
</suiteXmlFiles>
|
||||
</configuration>
|
||||
</plugin>
|
||||
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.osgi</groupId>
|
||||
<artifactId>org.eclipse.osgi</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.osgi</groupId>
|
||||
<artifactId>org.eclipse.osgi.services</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.testng</groupId>
|
||||
<artifactId>testng</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon</groupId>
|
||||
<artifactId>org.wso2.carbon.logging</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcpkix-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcmail-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.code.jscep.wso2</groupId>
|
||||
<artifactId>jscep</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-codec.wso2</groupId>
|
||||
<artifactId>commons-codec</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-io.wso2</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
|
@ -0,0 +1,26 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.dto;
|
||||
|
||||
public enum CAStatus {
|
||||
|
||||
CA_CERT_FAILED,
|
||||
CA_CERT_RECEIVED,
|
||||
CA_RA_CERT_RECEIVED
|
||||
|
||||
}
|
@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.dto;
|
||||
|
||||
public class SCEPResponse {
|
||||
|
||||
private byte[] encodedResponse;
|
||||
private CAStatus resultCriteria;
|
||||
|
||||
public byte[] getEncodedResponse() {
|
||||
return encodedResponse;
|
||||
}
|
||||
|
||||
public void setEncodedResponse(byte[] encodedResponse) {
|
||||
this.encodedResponse = encodedResponse;
|
||||
}
|
||||
|
||||
public CAStatus getResultCriteria() {
|
||||
return resultCriteria;
|
||||
}
|
||||
|
||||
public void setResultCriteria(CAStatus resultCriteria) {
|
||||
this.resultCriteria = resultCriteria;
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,55 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.exception;
|
||||
|
||||
public class KeystoreException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = -8935640983869122660L;
|
||||
private String errorMessage;
|
||||
|
||||
public String getErrorMessage() {
|
||||
return errorMessage;
|
||||
}
|
||||
|
||||
public void setErrorMessage(String errorMessage) {
|
||||
this.errorMessage = errorMessage;
|
||||
}
|
||||
|
||||
public KeystoreException(String msg, Exception nestedEx) {
|
||||
super(msg, nestedEx);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public KeystoreException(String message, Throwable cause) {
|
||||
super(message, cause);
|
||||
setErrorMessage(message);
|
||||
}
|
||||
|
||||
public KeystoreException(String msg) {
|
||||
super(msg);
|
||||
setErrorMessage(msg);
|
||||
}
|
||||
|
||||
public KeystoreException() {
|
||||
super();
|
||||
}
|
||||
|
||||
public KeystoreException(Throwable cause) {
|
||||
super(cause);
|
||||
}
|
||||
}
|
@ -0,0 +1,452 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.bouncycastle.asn1.x500.X500Name;
|
||||
import org.bouncycastle.asn1.x509.KeyUsage;
|
||||
import org.bouncycastle.asn1.x509.X509Extension;
|
||||
import org.bouncycastle.cert.CertIOException;
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
import org.bouncycastle.cert.X509v3CertificateBuilder;
|
||||
import org.bouncycastle.cert.jcajce.JcaCertStore;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
|
||||
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
|
||||
import org.bouncycastle.cms.CMSAbsentContent;
|
||||
import org.bouncycastle.cms.CMSException;
|
||||
import org.bouncycastle.cms.CMSSignedData;
|
||||
import org.bouncycastle.cms.CMSSignedDataGenerator;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.bouncycastle.util.Store;
|
||||
import org.jscep.message.CertRep;
|
||||
import org.jscep.message.MessageDecodingException;
|
||||
import org.jscep.message.MessageEncodingException;
|
||||
import org.jscep.message.PkcsPkiEnvelopeDecoder;
|
||||
import org.jscep.message.PkcsPkiEnvelopeEncoder;
|
||||
import org.jscep.message.PkiMessage;
|
||||
import org.jscep.message.PkiMessageDecoder;
|
||||
import org.jscep.message.PkiMessageEncoder;
|
||||
import org.jscep.transaction.FailInfo;
|
||||
import org.jscep.transaction.Nonce;
|
||||
import org.jscep.transaction.TransactionId;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
|
||||
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.DataInputStream;
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.math.BigInteger;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.KeyFactory;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.Security;
|
||||
import java.security.SignatureException;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateExpiredException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.CertificateNotYetValidException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
public class CertificateGenerator {
|
||||
|
||||
private static final Log log = LogFactory.getLog(CertificateGenerator.class);
|
||||
|
||||
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException {
|
||||
|
||||
if (ca == null) {
|
||||
throw new KeystoreException("CA certificate is mandatory");
|
||||
}
|
||||
|
||||
if (ra == null) {
|
||||
throw new KeystoreException("RA certificate is mandatory");
|
||||
}
|
||||
|
||||
List<X509Certificate> certificateList = new ArrayList<X509Certificate>();
|
||||
InputStream caInputStream = null;
|
||||
InputStream raInputStream = null;
|
||||
|
||||
try {
|
||||
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
|
||||
caInputStream = new ByteArrayInputStream(ca);
|
||||
raInputStream = new ByteArrayInputStream(ra);
|
||||
|
||||
X509Certificate caCert = (X509Certificate) certificateFactory.generateCertificate(caInputStream);
|
||||
X509Certificate raCert = (X509Certificate) certificateFactory.generateCertificate(raInputStream);
|
||||
|
||||
certificateList.add(caCert);
|
||||
certificateList.add(raCert);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Error occurred while fetching root certificates";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} finally {
|
||||
if (caInputStream != null) {
|
||||
try {
|
||||
caInputStream.close();
|
||||
} catch (IOException e) {
|
||||
log.error("Error occurred when closing CA input stream");
|
||||
}
|
||||
}
|
||||
|
||||
if (raInputStream != null) {
|
||||
try {
|
||||
raInputStream.close();
|
||||
} catch (IOException e) {
|
||||
log.error("Error occurred when closing RA input stream");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return certificateList;
|
||||
}
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException {
|
||||
|
||||
CommonUtil commonUtil = new CommonUtil();
|
||||
Date validityBeginDate = commonUtil.getValidityStartDate();
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
|
||||
try {
|
||||
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(
|
||||
ConfigurationUtil.RSA, ConfigurationUtil.PROVIDER);
|
||||
keyPairGenerator.initialize(ConfigurationUtil.RSA_KEY_LENGTH, new SecureRandom());
|
||||
KeyPair pair = keyPairGenerator.generateKeyPair();
|
||||
X500Principal principal = new X500Principal(ConfigurationUtil.DEFAULT_PRINCIPAL);
|
||||
BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
|
||||
|
||||
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
|
||||
principal, serial, validityBeginDate, validityEndDate,
|
||||
principal, pair.getPublic());
|
||||
ContentSigner contentSigner = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
|
||||
.setProvider(ConfigurationUtil.PROVIDER).build(
|
||||
pair.getPrivate());
|
||||
X509Certificate certificate = new JcaX509CertificateConverter()
|
||||
.setProvider(ConfigurationUtil.PROVIDER).getCertificate(
|
||||
certificateBuilder.build(contentSigner));
|
||||
|
||||
// cert.checkValidity();
|
||||
|
||||
certificate.verify(certificate.getPublicKey());
|
||||
|
||||
return certificate;
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "No such algorithm found when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchProviderException e) {
|
||||
String errorMsg = "No such provider found when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (OperatorCreationException e) {
|
||||
String errorMsg = "Issue in operator creation when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateExpiredException e) {
|
||||
String errorMsg = "Certificate expired after generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateNotYetValidException e) {
|
||||
String errorMsg = "Certificate not yet valid when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (InvalidKeyException e) {
|
||||
String errorMsg = "Invalid key used when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (SignatureException e) {
|
||||
String errorMsg = "Signature related issue occurred when generating certificate";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public byte[] getPKIMessage(InputStream inputStream) throws KeystoreException {
|
||||
|
||||
try {
|
||||
CMSSignedData signedData = new CMSSignedData(inputStream);
|
||||
Store reqStore = signedData.getCertificates();
|
||||
@SuppressWarnings("unchecked")
|
||||
Collection<X509CertificateHolder> reqCerts = reqStore.getMatches(null);
|
||||
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
PrivateKey privateKeyRA = keyStoreReader.getRAPrivateKey();
|
||||
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
|
||||
X509Certificate certRA = (X509Certificate) keyStoreReader.getRACertificate();
|
||||
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
|
||||
|
||||
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
|
||||
X509CertificateHolder holder = reqCerts.iterator().next();
|
||||
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(holder.getEncoded());
|
||||
X509Certificate reqCert = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
|
||||
|
||||
PkcsPkiEnvelopeDecoder envelopeDecoder = new PkcsPkiEnvelopeDecoder(certRA, privateKeyRA);
|
||||
PkiMessageDecoder messageDecoder = new PkiMessageDecoder(reqCert, envelopeDecoder);
|
||||
PkiMessage<?> pkiMessage = messageDecoder.decode(signedData);
|
||||
Object msgData = pkiMessage.getMessageData();
|
||||
|
||||
Nonce senderNonce = Nonce.nextNonce();
|
||||
TransactionId transId = pkiMessage.getTransactionId();
|
||||
Nonce recipientNonce = pkiMessage.getSenderNonce();
|
||||
CertRep certRep;
|
||||
|
||||
PKCS10CertificationRequest certRequest = (PKCS10CertificationRequest) msgData;
|
||||
X509Certificate generatedCert = generateCertificateFromCSR(
|
||||
privateKeyCA, certRequest, certCA.getIssuerX500Principal().getName());
|
||||
|
||||
List<X509Certificate> issued = new ArrayList<X509Certificate>();
|
||||
issued.add(generatedCert);
|
||||
|
||||
if (issued.size() == 0) {
|
||||
certRep = new CertRep(transId, senderNonce, recipientNonce, FailInfo.badCertId);
|
||||
} else {
|
||||
CMSSignedData messageData = getMessageData(issued);
|
||||
certRep = new CertRep(transId, senderNonce, recipientNonce, messageData);
|
||||
}
|
||||
|
||||
PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(reqCert, ConfigurationUtil.DES_EDE);
|
||||
PkiMessageEncoder encoder = new PkiMessageEncoder(privateKeyRA, certRA, envEncoder);
|
||||
CMSSignedData cmsSignedData = encoder.encode(certRep);
|
||||
|
||||
return cmsSignedData.getEncoded();
|
||||
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (MessageEncodingException e) {
|
||||
String errorMsg = "Message encoding issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (MessageDecodingException e) {
|
||||
String errorMsg = "Message decoding issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CMSException e) {
|
||||
String errorMsg = "CMS issue occurred when generating getPKIMessage";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public static X509Certificate generateCertificateFromCSR(PrivateKey privateKey,
|
||||
PKCS10CertificationRequest request,
|
||||
String issueSubject)
|
||||
throws KeystoreException {
|
||||
|
||||
CommonUtil commonUtil = new CommonUtil();
|
||||
Date validityBeginDate = commonUtil.getValidityStartDate();
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
|
||||
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(
|
||||
new X500Name(issueSubject), BigInteger.valueOf(System.currentTimeMillis()),
|
||||
validityBeginDate, validityEndDate, request.getSubject(), request.getSubjectPublicKeyInfo());
|
||||
|
||||
ContentSigner sigGen;
|
||||
X509Certificate issuedCert;
|
||||
try {
|
||||
certificateBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(
|
||||
KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
|
||||
sigGen = new JcaContentSignerBuilder(ConfigurationUtil.SHA256_RSA)
|
||||
.setProvider(ConfigurationUtil.PROVIDER).build(privateKey);
|
||||
issuedCert = new JcaX509CertificateConverter().setProvider(
|
||||
ConfigurationUtil.PROVIDER).getCertificate(
|
||||
certificateBuilder.build(sigGen));
|
||||
} catch (CertIOException e) {
|
||||
String errorMsg = "Certificate Input output issue occurred when generating generateCertificateFromCSR";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (OperatorCreationException e) {
|
||||
String errorMsg = "Operator creation issue occurred when generating generateCertificateFromCSR";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate issue occurred when generating generateCertificateFromCSR";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
return issuedCert;
|
||||
}
|
||||
|
||||
private CMSSignedData getMessageData(final List<X509Certificate> certs) throws KeystoreException {
|
||||
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
JcaCertStore store;
|
||||
try {
|
||||
store = new JcaCertStore(certs);
|
||||
generator.addCertificates(store);
|
||||
|
||||
return generator.generate(new CMSAbsentContent());
|
||||
} catch (CertificateEncodingException e) {
|
||||
String errorMsg = "Certificate encoding issue occurred when generating getMessageData";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CMSException e) {
|
||||
String errorMsg = "Message decoding issue occurred when generating getMessageData";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
private PrivateKey getSignerKey(String signerPrivateKeyPath) throws KeystoreException {
|
||||
|
||||
File file = new File(signerPrivateKeyPath);
|
||||
FileInputStream fis;
|
||||
|
||||
try {
|
||||
fis = new FileInputStream(file);
|
||||
DataInputStream dis = new DataInputStream(fis);
|
||||
byte[] keyBytes = new byte[(int) file.length()];
|
||||
dis.readFully(keyBytes);
|
||||
dis.close();
|
||||
|
||||
String temp = new String(keyBytes);
|
||||
String privateKeyPEM = temp.replace(
|
||||
ConfigurationUtil.RSA_PRIVATE_KEY_BEGIN_TEXT, ConfigurationUtil.EMPTY_TEXT);
|
||||
privateKeyPEM = privateKeyPEM
|
||||
.replace(ConfigurationUtil.RSA_PRIVATE_KEY_END_TEXT, ConfigurationUtil.EMPTY_TEXT);
|
||||
|
||||
byte[] decoded = Base64.decodeBase64(privateKeyPEM);
|
||||
PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(decoded);
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(ConfigurationUtil.RSA);
|
||||
|
||||
return keyFactory.generatePrivate(encodedKeySpec);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "Private key file not found in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not not found in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (InvalidKeySpecException e) {
|
||||
String errorMsg = "Invalid key found in getSignerKey";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
private X509Certificate getSigner(String signerCertificatePath) throws KeystoreException {
|
||||
|
||||
X509Certificate certificate;
|
||||
try {
|
||||
CertificateFactory certificateFactory = CertificateFactory.getInstance(ConfigurationUtil.X_509);
|
||||
certificate = (X509Certificate) certificateFactory.generateCertificate(
|
||||
new FileInputStream(signerCertificatePath));
|
||||
|
||||
return certificate;
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate related issue occurred in getSigner";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "Signer certificate path not found in getSigner";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
public SCEPResponse getCACert() throws KeystoreException {
|
||||
|
||||
try {
|
||||
SCEPResponse scepResponse = new SCEPResponse();
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
|
||||
byte[] caBytes = keyStoreReader.getCACertificate().getEncoded();
|
||||
byte[] raBytes = keyStoreReader.getRACertificate().getEncoded();
|
||||
|
||||
final List<X509Certificate> certs = getRootCertificates(caBytes, raBytes);
|
||||
|
||||
byte[] bytes;
|
||||
if (certs.size() == 0) {
|
||||
scepResponse.setResultCriteria(CAStatus.CA_CERT_FAILED);
|
||||
bytes = new byte[0];
|
||||
} else if (certs.size() == 1) {
|
||||
scepResponse.setResultCriteria(CAStatus.CA_CERT_RECEIVED);
|
||||
bytes = certs.get(0).getEncoded();
|
||||
} else {
|
||||
scepResponse.setResultCriteria(CAStatus.CA_RA_CERT_RECEIVED);
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
JcaCertStore store = new JcaCertStore(certs);
|
||||
generator.addCertificates(store);
|
||||
CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
|
||||
bytes = degenerateSd.getEncoded();
|
||||
}
|
||||
scepResponse.setEncodedResponse(bytes);
|
||||
|
||||
return scepResponse;
|
||||
} catch (CertificateEncodingException e) {
|
||||
String errorMsg = "Certificate encoding issue occurred in getCACert";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CMSException e) {
|
||||
String errorMsg = "CMS issue occurred in getCACert";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred in getCACert";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (KeystoreException e) {
|
||||
String errorMsg = "Keystore reading error occurred when handling profile request";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,186 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileNotFoundException;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.KeyStore;
|
||||
import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.UnrecoverableKeyException;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateException;
|
||||
|
||||
public class KeyStoreReader {
|
||||
|
||||
private static final Log log = LogFactory.getLog(KeyStoreReader.class);
|
||||
|
||||
private KeyStore loadKeyStore(String configEntryKeyStoreType, String configEntryKeyStorePath,
|
||||
String configEntryKeyStorePassword) throws KeystoreException {
|
||||
|
||||
InputStream inputStream = null;
|
||||
KeyStore keystore;
|
||||
|
||||
try {
|
||||
keystore = KeyStore.getInstance(ConfigurationUtil.getConfigEntry(configEntryKeyStoreType));
|
||||
inputStream = new FileInputStream(ConfigurationUtil.getConfigEntry(configEntryKeyStorePath));
|
||||
keystore.load(inputStream, ConfigurationUtil.getConfigEntry(configEntryKeyStorePassword).toCharArray());
|
||||
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (FileNotFoundException e) {
|
||||
String errorMsg = "KeyStore file not found when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (CertificateException e) {
|
||||
String errorMsg = "Certificate expired when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (IOException e) {
|
||||
String errorMsg = "Input output issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} finally {
|
||||
try {
|
||||
if (inputStream != null) {
|
||||
inputStream.close();
|
||||
}
|
||||
} catch (IOException e) {
|
||||
log.error("Error closing KeyStore input stream", e);
|
||||
}
|
||||
}
|
||||
|
||||
return keystore;
|
||||
}
|
||||
|
||||
KeyStore loadMDMKeyStore() throws KeystoreException {
|
||||
return loadKeyStore(ConfigurationUtil.CERTIFICATE_KEYSTORE, ConfigurationUtil.PATH_CERTIFICATE_KEYSTORE,
|
||||
ConfigurationUtil.CERTIFICATE_KEYSTORE_PASSWORD);
|
||||
}
|
||||
|
||||
public Certificate getCACertificate() throws KeystoreException {
|
||||
|
||||
KeyStore keystore = loadMDMKeyStore();
|
||||
Certificate caCertificate;
|
||||
|
||||
try {
|
||||
caCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS));
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when loading KeyStore";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (caCertificate == null) {
|
||||
throw new KeystoreException("CA certificate not found in KeyStore");
|
||||
}
|
||||
|
||||
return caCertificate;
|
||||
}
|
||||
|
||||
PrivateKey getCAPrivateKey() throws KeystoreException {
|
||||
|
||||
KeyStore keyStore = loadMDMKeyStore();
|
||||
PrivateKey caPrivateKey;
|
||||
try {
|
||||
caPrivateKey = (PrivateKey) (keyStore.getKey(
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.CA_CERT_ALIAS),
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_CA_CERT_PRIV_PASSWORD).toCharArray()));
|
||||
} catch (UnrecoverableKeyException e) {
|
||||
String errorMsg = "Key is unrecoverable when retrieving CA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when retrieving CA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when retrieving CA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (caPrivateKey == null) {
|
||||
throw new KeystoreException("CA private key not found in KeyStore");
|
||||
}
|
||||
|
||||
return caPrivateKey;
|
||||
}
|
||||
|
||||
public Certificate getRACertificate() throws KeystoreException {
|
||||
|
||||
KeyStore keystore = loadMDMKeyStore();
|
||||
Certificate raCertificate;
|
||||
try {
|
||||
raCertificate = keystore.getCertificate(ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS));
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (raCertificate == null) {
|
||||
throw new KeystoreException("RA certificate not found in KeyStore");
|
||||
}
|
||||
|
||||
return raCertificate;
|
||||
}
|
||||
|
||||
PrivateKey getRAPrivateKey() throws KeystoreException {
|
||||
|
||||
KeyStore keystore = loadMDMKeyStore();
|
||||
PrivateKey raPrivateKey;
|
||||
try {
|
||||
raPrivateKey = (PrivateKey) (keystore.getKey(
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.RA_CERT_ALIAS),
|
||||
ConfigurationUtil.getConfigEntry(ConfigurationUtil.KEYSTORE_RA_CERT_PRIV_PASSWORD).toCharArray()));
|
||||
} catch (UnrecoverableKeyException e) {
|
||||
String errorMsg = "Key is unrecoverable when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (KeyStoreException e) {
|
||||
String errorMsg = "KeyStore issue occurred when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
String errorMsg = "Algorithm not found when retrieving RA private key";
|
||||
log.error(errorMsg, e);
|
||||
throw new KeystoreException(errorMsg, e);
|
||||
}
|
||||
|
||||
if (raPrivateKey == null) {
|
||||
throw new KeystoreException("RA private key not found in KeyStore");
|
||||
}
|
||||
|
||||
return raPrivateKey;
|
||||
}
|
||||
}
|
@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.internal;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.osgi.framework.BundleContext;
|
||||
import org.osgi.service.component.ComponentContext;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
|
||||
|
||||
/**
|
||||
* @scr.component name="org.wso2.carbon.certificate.mgt" immediate="true"
|
||||
*/
|
||||
public class CertificateManagementServiceComponent {
|
||||
|
||||
private static Log log = LogFactory.getLog(CertificateManagementServiceComponent.class);
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
protected void activate(ComponentContext componentContext) {
|
||||
try {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Initializing certificate management core bundle");
|
||||
}
|
||||
|
||||
BundleContext bundleContext = componentContext.getBundleContext();
|
||||
bundleContext.registerService(CertificateManagementServiceImpl.class.getName(),
|
||||
CertificateManagementServiceImpl.getInstance(), null);
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Certificate management core bundle has been successfully initialized");
|
||||
}
|
||||
} catch (Throwable e) {
|
||||
log.error("Error occurred while initializing certificate management core bundle", e);
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
protected void deactivate(ComponentContext componentContext) {
|
||||
//do nothing
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,49 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.service;
|
||||
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
|
||||
import java.io.InputStream;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.List;
|
||||
|
||||
public interface CertificateManagementService {
|
||||
|
||||
Certificate getCACertificate() throws KeystoreException;
|
||||
|
||||
Certificate getRACertificate() throws KeystoreException;
|
||||
|
||||
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException;
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException;
|
||||
|
||||
public SCEPResponse getCACertSCEP() throws KeystoreException;
|
||||
|
||||
public byte[] getCACapsSCEP();
|
||||
|
||||
public byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException;
|
||||
|
||||
public X509Certificate generateCertificateFromCSR(PrivateKey privateKey,
|
||||
PKCS10CertificationRequest request,
|
||||
String issueSubject) throws KeystoreException;
|
||||
}
|
@ -0,0 +1,87 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.service;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.CertificateGenerator;
|
||||
import org.wso2.carbon.certificate.mgt.core.impl.KeyStoreReader;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
|
||||
import java.io.InputStream;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.List;
|
||||
|
||||
public class CertificateManagementServiceImpl implements CertificateManagementService {
|
||||
|
||||
private static final Log log = LogFactory.getLog(CertificateManagementServiceImpl.class);
|
||||
private static CertificateManagementServiceImpl certificateManagementServiceImpl;
|
||||
private static KeyStoreReader keyStoreReader;
|
||||
private static CertificateGenerator certificateGenerator;
|
||||
|
||||
private CertificateManagementServiceImpl() {}
|
||||
|
||||
public static CertificateManagementServiceImpl getInstance() {
|
||||
|
||||
if (certificateManagementServiceImpl == null) {
|
||||
certificateManagementServiceImpl = new CertificateManagementServiceImpl();
|
||||
keyStoreReader = new KeyStoreReader();
|
||||
certificateGenerator = new CertificateGenerator();
|
||||
}
|
||||
return certificateManagementServiceImpl;
|
||||
}
|
||||
|
||||
public Certificate getCACertificate() throws KeystoreException {
|
||||
return keyStoreReader.getCACertificate();
|
||||
}
|
||||
|
||||
public Certificate getRACertificate() throws KeystoreException {
|
||||
return keyStoreReader.getRACertificate();
|
||||
}
|
||||
|
||||
public List<X509Certificate> getRootCertificates(byte[] ca, byte[] ra) throws KeystoreException {
|
||||
return certificateGenerator.getRootCertificates(ca, ra);
|
||||
}
|
||||
|
||||
public X509Certificate generateX509Certificate() throws KeystoreException {
|
||||
return certificateGenerator.generateX509Certificate();
|
||||
}
|
||||
|
||||
public SCEPResponse getCACertSCEP() throws KeystoreException {
|
||||
return certificateGenerator.getCACert();
|
||||
}
|
||||
|
||||
public byte[] getCACapsSCEP() {
|
||||
return ConfigurationUtil.POST_BODY_CA_CAPS.getBytes();
|
||||
}
|
||||
|
||||
public byte[] getPKIMessageSCEP(InputStream inputStream) throws KeystoreException {
|
||||
return certificateGenerator.getPKIMessage(inputStream);
|
||||
}
|
||||
|
||||
public X509Certificate generateCertificateFromCSR(PrivateKey privateKey,
|
||||
PKCS10CertificationRequest request,
|
||||
String issueSubject) throws KeystoreException {
|
||||
return certificateGenerator.generateCertificateFromCSR(privateKey, request, issueSubject);
|
||||
}
|
||||
}
|
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
|
||||
public class CommonUtil {
|
||||
|
||||
public Date getValidityStartDate() {
|
||||
Date targetDate = new Date();
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(targetDate);
|
||||
calendar.add(Calendar.DATE, -2);
|
||||
|
||||
return calendar.getTime();
|
||||
}
|
||||
|
||||
public Date getValidityEndDate() {
|
||||
Date targetDate = new Date();
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(targetDate);
|
||||
calendar.add(Calendar.YEAR, 100);
|
||||
|
||||
return calendar.getTime();
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,137 @@
|
||||
/*
|
||||
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.w3c.dom.Document;
|
||||
import org.w3c.dom.NodeList;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.xml.sax.SAXException;
|
||||
import javax.xml.parsers.DocumentBuilder;
|
||||
import javax.xml.parsers.DocumentBuilderFactory;
|
||||
import javax.xml.parsers.ParserConfigurationException;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
public class ConfigurationUtil {
|
||||
|
||||
public static final String PATH_CERTIFICATE_KEYSTORE = "CertificateKeystoreLocation";
|
||||
public static final String CERTIFICATE_KEYSTORE_PASSWORD = "CertificateKeystorePassword";
|
||||
public static final String KEYSTORE_CA_CERT_PRIV_PASSWORD = "CAPrivateKeyPassword";
|
||||
public static final String KEYSTORE_RA_CERT_PRIV_PASSWORD = "RAPrivateKeyPassword";
|
||||
public static final String CA_CERT_ALIAS = "CACertAlias";
|
||||
public static final String RA_CERT_ALIAS = "RACertAlias";
|
||||
public static final String SIGNATUREALGO = "SHA1withRSA";
|
||||
public static final String PROVIDER = "BC";
|
||||
public static final String KEYSTORE = "Type";
|
||||
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
|
||||
public static final String RSA = "RSA";
|
||||
public static final String UTF_8 = "UTF-8";
|
||||
public static final String SHA256_RSA = "SHA256WithRSAEncryption";
|
||||
public static final String X_509 = "X.509";
|
||||
public static final String POST_BODY_CA_CAPS = "POSTPKIOperation\nSHA-1\nDES3\n";
|
||||
public static final String DES_EDE = "DESede";
|
||||
public static final String CONF_LOCATION = "conf.location";
|
||||
private static final String CARBON_HOME = "carbon.home";
|
||||
private static final String CERTIFICATE_CONFIG_XML = "certificate-config.xml";
|
||||
private static final String CARBON_HOME_ENTRY = "${carbon.home}";
|
||||
public static final String DEFAULT_PRINCIPAL = "O=WSO2, OU=Mobile, C=LK";
|
||||
public static final String RSA_PRIVATE_KEY_BEGIN_TEXT = "-----BEGIN RSA PRIVATE KEY-----\n";
|
||||
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
|
||||
public static final String EMPTY_TEXT = "";
|
||||
public static final int RSA_KEY_LENGTH = 1024;
|
||||
|
||||
|
||||
private static ConfigurationUtil configurationUtil;
|
||||
private static final String[] emmConfigEntryNames = { CA_CERT_ALIAS, RA_CERT_ALIAS,
|
||||
CERTIFICATE_KEYSTORE, PATH_CERTIFICATE_KEYSTORE, CERTIFICATE_KEYSTORE_PASSWORD,
|
||||
KEYSTORE_CA_CERT_PRIV_PASSWORD, KEYSTORE_RA_CERT_PRIV_PASSWORD };
|
||||
|
||||
private static Map<String, String> configMap;
|
||||
|
||||
private static Map<String, String> readEMMConfigurations() throws KeystoreException {
|
||||
|
||||
String emmConfLocation = System.getProperty(CONF_LOCATION) + File.separator + CERTIFICATE_CONFIG_XML;
|
||||
|
||||
if (configurationUtil == null || configMap == null) {
|
||||
|
||||
configurationUtil = new ConfigurationUtil();
|
||||
configMap = new HashMap<String, String>();
|
||||
|
||||
Document document;
|
||||
try {
|
||||
File fXmlFile = new File(emmConfLocation);
|
||||
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
|
||||
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
|
||||
document = documentBuilder.parse(fXmlFile);
|
||||
} catch (ParserConfigurationException e) {
|
||||
throw new KeystoreException("Error parsing configuration in ios-config.xml file");
|
||||
} catch (SAXException e) {
|
||||
throw new KeystoreException("SAX exception in ios-config.xml file");
|
||||
} catch (IOException e) {
|
||||
throw new KeystoreException("Error reading ios-config.xml file");
|
||||
}
|
||||
|
||||
for (String configEntry : emmConfigEntryNames) {
|
||||
NodeList elements = document.getElementsByTagName(configEntry);
|
||||
if (elements != null && elements.getLength() > 0) {
|
||||
configMap.put(configEntry, elements.item(0).getTextContent());
|
||||
}
|
||||
}
|
||||
|
||||
String emmKeyStoreLocation = replaceCarbonHomeEnvEntry(configMap.get(PATH_CERTIFICATE_KEYSTORE));
|
||||
if (emmKeyStoreLocation != null) {
|
||||
configMap.put(PATH_CERTIFICATE_KEYSTORE, emmKeyStoreLocation);
|
||||
}
|
||||
}
|
||||
|
||||
return configMap;
|
||||
}
|
||||
|
||||
public static String getConfigEntry(final String entry) throws KeystoreException {
|
||||
|
||||
Map<String, String> configurationMap = readEMMConfigurations();
|
||||
String configValue = configurationMap.get(entry);
|
||||
|
||||
if (configValue == null) {
|
||||
throw new KeystoreException(String.format("Configuration entry %s not available", entry));
|
||||
}
|
||||
|
||||
return configValue.trim();
|
||||
}
|
||||
|
||||
private static String replaceCarbonHomeEnvEntry(String entry) {
|
||||
if (entry != null && entry.toLowerCase().contains(CARBON_HOME_ENTRY)) {
|
||||
return entry.replace(CARBON_HOME_ENTRY, System.getProperty(CARBON_HOME));
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public static ConfigurationUtil getInstance() {
|
||||
if (configurationUtil == null) {
|
||||
synchronized (ConfigurationUtil.class) {
|
||||
if (configurationUtil == null) {
|
||||
configurationUtil = new ConfigurationUtil();
|
||||
}
|
||||
}
|
||||
}
|
||||
return configurationUtil;
|
||||
}
|
||||
}
|
@ -0,0 +1,101 @@
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.List;
|
||||
|
||||
public class CertificateGeneratorTestSuite {
|
||||
|
||||
private static Log log = LogFactory.getLog(CertificateGeneratorTestSuite.class);
|
||||
private static final String CA_CERT_PEM = "src/test/resources/ca_cert.pem";
|
||||
private static final String RA_CERT_PEM = "src/test/resources/ra_cert.pem";
|
||||
private static final String CA_PRIVATE_KEY_PATH = "src/test/resources/ca_private.key";
|
||||
private final CertificateGenerator certificateGenerator = new CertificateGenerator();
|
||||
|
||||
@Test
|
||||
public void testGetRootCertificates() {
|
||||
try {
|
||||
File caPemFile = new File(CA_CERT_PEM);
|
||||
File raPemFile = new File(RA_CERT_PEM);
|
||||
|
||||
byte[] ca = FileUtils.readFileToByteArray(caPemFile);
|
||||
byte[] ra = FileUtils.readFileToByteArray(raPemFile);
|
||||
|
||||
List<X509Certificate> rootCertificates = certificateGenerator.getRootCertificates(ca, ra);
|
||||
Assert.assertNotNull(rootCertificates, "Root certificates retrieved");
|
||||
|
||||
Assert.assertEquals(rootCertificates.get(0).getType(), ConfigurationUtil.X_509);
|
||||
Assert.assertEquals(rootCertificates.get(1).getType(), ConfigurationUtil.X_509);
|
||||
} catch (IOException e) {
|
||||
Assert.fail("Error reading byte streams for CA and RA ", e);
|
||||
} catch (KeystoreException e) {
|
||||
Assert.fail("Error retrieving root certificates ", e);
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGenerateX509Certificate() {
|
||||
try {
|
||||
X509Certificate certificate = certificateGenerator.generateX509Certificate();
|
||||
|
||||
Assert.assertNotNull(certificate, "Certificate received");
|
||||
Assert.assertEquals(certificate.getType(), ConfigurationUtil.X_509);
|
||||
} catch (KeystoreException e) {
|
||||
Assert.fail("Error occurred while generating X509 certificate ", e);
|
||||
}
|
||||
}
|
||||
|
||||
// @Test
|
||||
// public void testGetPKIMessage() {
|
||||
// try {
|
||||
// byte[] pkiMessage = certificateGenerator.getPKIMessage(null);
|
||||
// } catch (IOSEnrollmentException e) {
|
||||
// Assert.fail("Error occurred while retrieving PKI Message ", e);
|
||||
// }
|
||||
// }
|
||||
|
||||
@Test
|
||||
public void testGenerateCertificateFromCSR() {
|
||||
try {
|
||||
X509Certificate certificate = certificateGenerator.generateX509Certificate();
|
||||
|
||||
Assert.assertNotNull(certificate, "Certificate received");
|
||||
Assert.assertEquals(certificate.getType(), ConfigurationUtil.X_509);
|
||||
} catch (KeystoreException e) {
|
||||
Assert.fail("Error occurred while generating certificate ", e);
|
||||
}
|
||||
}
|
||||
|
||||
// @Test
|
||||
// public void testGetSignerKey() {
|
||||
// try {
|
||||
// PrivateKey privateKey = certificateGenerator.getSignerKey(CA_PRIVATE_KEY_PATH);
|
||||
//
|
||||
// Assert.assertNotNull(privateKey, "Private key received");
|
||||
// Assert.assertEquals(privateKey.getAlgorithm(), ConfigurationUtil.RSA);
|
||||
// } catch (KeystoreException e) {
|
||||
// Assert.fail("Error occurred while generating certificate ", e);
|
||||
// }
|
||||
// }
|
||||
//
|
||||
// @Test
|
||||
// public void testGetSigner() {
|
||||
// try {
|
||||
// X509Certificate certificate = certificateGenerator.getSigner(CA_CERT_PEM);
|
||||
//
|
||||
// Assert.assertNotNull(certificate, "Certificate received");
|
||||
// Assert.assertEquals(certificate.getType(), ConfigurationUtil.X_509);
|
||||
// } catch (KeystoreException e) {
|
||||
// Assert.fail("Error while retrieving certificate ", e);
|
||||
// }
|
||||
// }
|
||||
}
|
@ -0,0 +1,38 @@
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
public class CommonUtilTestSuite {
|
||||
|
||||
private static Log log = LogFactory.getLog(CommonUtilTestSuite.class);
|
||||
private final CommonUtil commonUtil = new CommonUtil();
|
||||
|
||||
@Test
|
||||
public void testValidityStartDate() {
|
||||
Date validityStartDate = commonUtil.getValidityStartDate();
|
||||
|
||||
if(validityStartDate == null) {
|
||||
Assert.fail("Validity start date is empty");
|
||||
}
|
||||
|
||||
Date todayDate = new Date();
|
||||
Assert.assertTrue(validityStartDate.before(todayDate), "Validity start date is valid");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidityEndDate() {
|
||||
Date validityEndDate = commonUtil.getValidityEndDate();
|
||||
|
||||
if(validityEndDate == null) {
|
||||
Assert.fail("Validity end date is empty");
|
||||
}
|
||||
|
||||
Date todayDate = new Date();
|
||||
Assert.assertTrue(validityEndDate.after(todayDate), "Validity end date is valid");
|
||||
}
|
||||
}
|
@ -0,0 +1,34 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIF+zCCA+OgAwIBAgIJAJE458QXNuiLMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
|
||||
VQQGEwJVUzENMAsGA1UECBMEVGVzdDENMAsGA1UEBxMEVGVzdDERMA8GA1UEChMI
|
||||
VGVzdCBPcmcxFjAUBgNVBAsTDVRlc3Qgb3JnIHVuaXQxFTATBgNVBAMTDFdTTzIg
|
||||
Um9vdCBDQTEcMBoGCSqGSIb3DQEJARYNcm9vdEB3c28yLmNvbTAeFw0xNTAxMjcx
|
||||
MjUxMjRaFw0xNzEwMjMxMjUxMjRaMIGLMQswCQYDVQQGEwJVUzENMAsGA1UECBME
|
||||
VGVzdDENMAsGA1UEBxMEVGVzdDERMA8GA1UEChMIVGVzdCBPcmcxFjAUBgNVBAsT
|
||||
DVRlc3Qgb3JnIHVuaXQxFTATBgNVBAMTDFdTTzIgUm9vdCBDQTEcMBoGCSqGSIb3
|
||||
DQEJARYNcm9vdEB3c28yLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
|
||||
ggIBANJ756zjlkNKJf9O80qwFWxlwr4vOa80oaGXaO8Luj8ZNb7zyGATppTmZi2b
|
||||
rRVfNPGHhN/0REb5+Gcf0xvk1b5Wp4E+JoDKfZMwOVQsMVmKYHqopgiiE28L/YoN
|
||||
d0XmZA0J03nfQ4rzYggwQX7oRsW/AptkdURV4i8xD3SsqDGDZyYxQVDkj55nrweE
|
||||
d5FWOnYvvpdbFJ4WanJmGe1WRtLMJ0jFi7tw9Wc7W/5+fvIA9bvHDHoG1VlfyjQU
|
||||
SvTLlAN7Ui0ztXTcOZuN3HI0putMQRyaAD7Ljl7E1ROiqMhN/z80Bck8Yi7ELOmq
|
||||
+cJOir/4CAamj8SugZ0iXo922slrSemWL9tjNT7MFmjFXmgIfVmaJF7OxKyxHhO8
|
||||
gJKTlU2KSJJH2CzMwnGdRFrDlsAotVjGLYFWHUN4HW2uA2crEEmk+UduwnVMazqU
|
||||
wBFxv+INf0U55bsXTv7C3L06IUaTBvxhxKQmzj9BeQGwWAC2Co4s5riT2ttivSRl
|
||||
XijPIEDTfmvE/fjj4KfQQOTY3+EejacMe6gb/qVsCZ1g9Tbk7WLgjYHBuOQSAz3l
|
||||
wPPqPY+6CakeL29wWyPg7pGzR6lMcYItUdHJuNsTijs0x6Xi1O5iIuL2o0vl8FRH
|
||||
+tZFm3ujtCIHprjUgcn6aOR9Ms/NkUJCziKKAb4KoohNFgr/AgMBAAGjYDBeMB0G
|
||||
A1UdDgQWBBSDhLDYVCYhJsxvK1ZNV05qGGVajjAfBgNVHSMEGDAWgBSDhLDYVCYh
|
||||
JsxvK1ZNV05qGGVajjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBhjANBgkq
|
||||
hkiG9w0BAQUFAAOCAgEAykqOsxHV43Bx24+7DfxLNYyafBayHacQ4uwtldwexyQB
|
||||
fIyJKjhzZUSvl37zhFPhJRJHogFIds+FoqaQsF8PvI/YSKs3UYRhje2mJan79lEA
|
||||
rCd+3zDGmzQhmutVo7C1bCQuujV8YLIJGvvcnMcHnMLpc5CfjzmI2C6qMZ5XgpHx
|
||||
/Mhindllqr0ZVvqRive0A2svW1k47XWB7BIfx/aoZ1viPHDNYVuYZ6j/NAFv8/Fu
|
||||
3n/TfYOJ5rz0NPGHYXnmFcgGxtYTu5u6Q9YVdDLZv9lqYbMRSdiQ8SVDzwxft9N5
|
||||
g6/VoXLoMpCS7/6jR3J0GbG2r/vr024QMOHDZHQDjkAVUBni6/bRHqj389RnOXhQ
|
||||
+TSlx/hGgtdTpZRv63PjAqTCdDAhazWAgG/W+dxUhAywiOYHeXincuuDER0ypkfG
|
||||
caUvbN9/mWtGJvtW+L9OlTj3LQlXD2ORehz5itS3eV0DVkscCOLzzkVLtIJeew1o
|
||||
RmiADNOUe5A6V0cW5HIFi9F7Recqv9lGphwQeq+2cmvUKkSPcx+Z/SHTT/nIOioq
|
||||
xxafJhci5dAEsPgtzxnA6QqPQtxOj46aZxQh5+hzZ/1CQq3UThDdQreJL51c+NOS
|
||||
ZFQh6YVpJH6ZdSldBJnHjbS7RL/bv2kl1Pmv808T+iG+GpDw2XljwsI6TL8ACok=
|
||||
-----END CERTIFICATE-----
|
@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKgIBAAKCAgEA0nvnrOOWQ0ol/07zSrAVbGXCvi85rzShoZdo7wu6Pxk1vvPI
|
||||
YBOmlOZmLZutFV808YeE3/RERvn4Zx/TG+TVvlangT4mgMp9kzA5VCwxWYpgeqim
|
||||
CKITbwv9ig13ReZkDQnTed9DivNiCDBBfuhGxb8Cm2R1RFXiLzEPdKyoMYNnJjFB
|
||||
UOSPnmevB4R3kVY6di++l1sUnhZqcmYZ7VZG0swnSMWLu3D1Zztb/n5+8gD1u8cM
|
||||
egbVWV/KNBRK9MuUA3tSLTO1dNw5m43ccjSm60xBHJoAPsuOXsTVE6KoyE3/PzQF
|
||||
yTxiLsQs6ar5wk6Kv/gIBqaPxK6BnSJej3bayWtJ6ZYv22M1PswWaMVeaAh9WZok
|
||||
Xs7ErLEeE7yAkpOVTYpIkkfYLMzCcZ1EWsOWwCi1WMYtgVYdQ3gdba4DZysQSaT5
|
||||
R27CdUxrOpTAEXG/4g1/RTnluxdO/sLcvTohRpMG/GHEpCbOP0F5AbBYALYKjizm
|
||||
uJPa22K9JGVeKM8gQNN+a8T9+OPgp9BA5Njf4R6Npwx7qBv+pWwJnWD1NuTtYuCN
|
||||
gcG45BIDPeXA8+o9j7oJqR4vb3BbI+DukbNHqUxxgi1R0cm42xOKOzTHpeLU7mIi
|
||||
4vajS+XwVEf61kWbe6O0IgemuNSByfpo5H0yz82RQkLOIooBvgqiiE0WCv8CAwEA
|
||||
AQKCAgBAyt+AOvawdAzKULVX0mhl29Vc0hDBvEPdCEzG+Sc18T64LzcJTENFJr9h
|
||||
XsCjCZG0n/DpN7ok1yH+LK/BsGmTk/0wLb+QecS6IGglXw058PzOBUhG9A1ja596
|
||||
dba3j7pQwSuWIoIaLd2Jg8FFnZ7blHbq+ruWc5GS0Vleox+LTlXcTeE7U4BaVLRu
|
||||
bfqYhKCubPgQg3sPRvsxh/iHNL3MegfFwPnIk3cXdhBVgP725BDA4v8WOTBHuNL3
|
||||
wR9px5kikT20qGw9MuWQ2tR3W3neiLSqZ0WYDvUeexzUVIf8UPY3sH3vemUG3GCu
|
||||
9XC4vZC8k091LKSo+MbxZfkR1JZ4R2CEMcFJaz/jc6VN2bTOWuWWczReOzq0Xx7P
|
||||
GbsmcQNBhY8qBoz+cOWifxBWZzKSWfcNMgwnNyAKlDrOehpp+gZ1yH7dk9fL/wrE
|
||||
jSEEnhq4SVDeGEOo7gEi17Px8/256PKwQB4wELPBwODBslPzJ0PPDKk4mxBq3JQP
|
||||
EJKnBhu15KGJuoUZ42GcYSn55Zu/Rujqhn9cWbwhq0KrExwVI3EWnd89dYv360Mu
|
||||
RskqPTuEpAUOUCQPIUT0p3f1PBgML6L5HxjJDUt6n2N8Y1xT8sKF6FKnbvdizcqz
|
||||
v0+xdBk0xpSoazHzH1lnia3fZ6EPzMPHbLrz4ga0eUdaGwbSEQKCAQEA6sUljKKH
|
||||
7EsKsXaQ6igqQ2TkZWTu+xqRlFjb2tTmyHt99O4w3L45ae0la7ApygTRFHs3z9XB
|
||||
ws12bVkXdA35txKk97SNmWDrZbxpswHmTSnrOLGD2VFD4J/YifuBkT8K7PEJno9U
|
||||
Ewi70RHGQEFfL3VL1TOa2WnJELOLkzoCkBL/NaVawtbK7O7KIrCu3jFCq3zu+uku
|
||||
XVHTzXi+gr+uknGraxKcyLhCu6/7Uot+uYrtCzFsk4vTs2bovWuL2KLi/MAP8x3K
|
||||
FcNNj2SPr+PzwzlqthiW/rtZjg7MFMdN9RAhImjbIJt3svzWsB4nr7VQxHYStfFJ
|
||||
xIwbFp233qFKjQKCAQEA5YSK9L9o4LRDilwCz3p1tZ1tgY9tMUbG2wx0dG9xrETY
|
||||
4yGwTPAc++Tp3aOnbO544ZpnGLBoQTgtOc1p4jyj/Md2CwlP8UfbYhEdYEN9Gn5H
|
||||
ylu1b0cRwHeO4Bfnekqk8EL0rl3KUUsAk2uKEwCBwsuxjFurMDasyoA5T5gcsa4p
|
||||
EhEF5D7t5sJb7f8hP+vMBa2yUKQT9dflF8xN7iHvxhun1qipX1AzZ341H94QbgRb
|
||||
rYdfxzBr4aa5UZe5Ls9ofQf0S3zXVEXah/Pg+3o0BppdIrtLXTWcI/yeE6L8/Ebr
|
||||
jMXLiTzd4bwWjbTijEJ/MKb/UsPQqbZsXNzMiyxuuwKCAQEAvs0xQkYJr+ohK6+Q
|
||||
AS5ZguJpmVpZu6yRKn65V/V2BvQOn1RCU/Up1kQNCKNooy4c+sdVyc0RJ5AyspYY
|
||||
sJJ3I+m8NzD/b+tMBSgGw5xEnuv1puLmpGUehF2E8Ed+uxwAdidDySD1lG6hrj4C
|
||||
4NAAWyK6WfER5abK6Y7yXdpkoNE/p0rXI8jLrZo4n872n9BrPdJQq419yAwr1i9O
|
||||
rha4+330chXzZFIUslNJL4H9oTAejN1DP/sBOCnn96KDSrK/RemWTOEmD1/mFicF
|
||||
fE8IGt78Mjhz510+YGz4Qd7lJclRFJUhmjOgKdDBbutjF7OFi9XmSQZsDJhNn6jY
|
||||
+dAeNQKCAQEAsAFpUfCq644xMRwIJ7VAKQrVnAIx+RTOj9JIR7XilPmi3OLLwORt
|
||||
RZmw4f+K99UUK+Vs5Bj7ifAbdnUYmp5oHwOSeTol7OBu0xBO17BJcpSeVwbm5rO4
|
||||
YEEO9rg+EaDGRV0DJ+fSq255vZM9Kf88gvYTbJArgeibrxqPWINMldD5u9oEC5la
|
||||
dJhdSPBaPhuDtGMUGBULHX73Nr28kT3DEsfIeKuUXvwwv0+gS5TOQp/i8fqbLzPp
|
||||
tvxUpsZUAxqYhTEhXPYaZoy+3Xze7dozpVCg1W6Nh6gB2fLyAhr+KDP2lFhmEhL0
|
||||
EBRds0Oga3De+p9FsuFo1YyIItpLnPpw2wKCAQEArUQM9k0Qprczx9sKf/YF+ulx
|
||||
tiiGyRUV7kAcrQiQAjB88wPoB/ovnW4VCI4y/mNeZGvyCWeQx9g+Ntc5BJlIlJYi
|
||||
wviyQ5Lq1OlOWQlWIkKCI2Z+s5uYKTSgZRp7VLnvKswHnxBy2Bxq3i9taP6QYlZz
|
||||
3ff/plfK3ZM6moc89wl/aQgdhWsV/WV7bKcnncM9K2N7dpKzRcZ+6iuJt9PNKo5V
|
||||
6GUYEvn04twumzgqGtYQbiq63YfHe8QLvX/j8ffGH8O0rUAIrQnrNl0n0SoE9ECU
|
||||
lUCVCXzypT+MKAeHfI4aFeWG48sdfnHPWOkyRHXWFLAwkHUVnqmYhXLpmJBtMw==
|
||||
-----END RSA PRIVATE KEY-----
|
@ -0,0 +1,19 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<CertificateConfigurations>
|
||||
<CertificateKeystore>
|
||||
<!-- EMM Keystore file location-->
|
||||
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2cert.jks</CertificateKeystoreLocation>
|
||||
<!-- EMM Keystore type (JKS/PKCS12 etc.)-->
|
||||
<CertificateKeystoreType>JKS</CertificateKeystoreType>
|
||||
<!-- EMM Keystore password-->
|
||||
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
|
||||
<!-- Certificate authority certificate alias -->
|
||||
<CACertAlias>cacert</CACertAlias>
|
||||
<!-- Certificate authority private key password -->
|
||||
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
|
||||
<!-- Registration authority certificate alias -->
|
||||
<RACertAlias>racert</RACertAlias>
|
||||
<!-- Registration authority private key password -->
|
||||
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
|
||||
</CertificateKeystore>
|
||||
</CertificateConfigurations>
|
@ -0,0 +1,33 @@
|
||||
#
|
||||
# Copyright 2015 WSO2, Inc. (http://wso2.com)
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
#
|
||||
# This is the log4j configuration file used by WSO2 Carbon
|
||||
#
|
||||
# IMPORTANT : Please do not remove or change the names of any
|
||||
# of the Appenders defined here. The layout pattern & log file
|
||||
# can be changed using the WSO2 Carbon Management Console, and those
|
||||
# settings will override the settings in this file.
|
||||
#
|
||||
|
||||
log4j.rootLogger=INFO, STD_OUT
|
||||
|
||||
# Redirect log messages to console
|
||||
log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender
|
||||
log4j.appender.STD_OUT.Target=System.out
|
||||
log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
|
@ -0,0 +1,33 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFqDCCA5CgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBizELMAkGA1UEBhMCVVMx
|
||||
DTALBgNVBAgTBFRlc3QxDTALBgNVBAcTBFRlc3QxETAPBgNVBAoTCFRlc3QgT3Jn
|
||||
MRYwFAYDVQQLEw1UZXN0IG9yZyB1bml0MRUwEwYDVQQDEwxXU08yIFJvb3QgQ0Ex
|
||||
HDAaBgkqhkiG9w0BCQEWDXJvb3RAd3NvMi5jb20wHhcNMTUwMTI3MTI1MzAxWhcN
|
||||
MTcxMDIzMTI1MzAxWjCBgzELMAkGA1UEBhMCVVMxGTAXBgNVBAgTEFRlc3QgUkEg
|
||||
UHJvdmluY2UxFTATBgNVBAcTDFRlc3QgUkEgQ2l0eTEUMBIGA1UEChMLVGVzdCBS
|
||||
QSBPcmcxGTAXBgNVBAsTEFRlc3QgUkEgb3JnIHVuaXQxETAPBgNVBAMTCFdTTzIg
|
||||
UkEgMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtUMgUlYYU3/TPfEe
|
||||
zNAvBaiOi/jUjfZ9IbxvMl7obDT17/5vU68TCGkZRjyfYUEiGNBisUEFWjSk/sGL
|
||||
/ofYKUAxw33cd456FLMjaJX/4Zk4y8eYB1m1GGlHejoDyjPhq8S6GDmy+PXbJr8n
|
||||
lSTROR2mQHkGwYrCreWeU4AYWzdctIFk7U2DKeIvZYSidIIjfSpDXURxrt9LPvig
|
||||
fMzr5l/WkZfjvk5S+W7rgMtpllxlEPgyDc07pNAdNSq5FB990oaUsVX8o6l6wdCw
|
||||
grYz83edPOKwZa04fsVztz2oF3ZYSGGjD3lwh0KS/jUL+awRyhMx5p/O1hySg6PP
|
||||
pJjeqRuobNTuwSAXxp3nsNSY0DkGW04pSxWoDQqhnpaqBbAf71l6ya2e3so1SHm/
|
||||
jouWSYTHncq5bmGE4AN7ZGVGZvfx84+UR8fNxJxxLo+DFFE0oJNzpPGNxILpHxgT
|
||||
V7IOII6mhfkrQk+AFQiW2Y5FXLVYv8r+SPXW8pYsjaWl971XZeM/HC3L9IZkCrrr
|
||||
a0ID5oT6vt+xTmdo4yiBqIP5TBYm+1a9YzMAy7XGtPih9k6cufMLcfzvUZdOXw9x
|
||||
3T05nM5ZtcDq0gHvUzQ7sfHTguWVnuHVEdb2ox4x2L5NzEA475fbSdXpMok9z/z7
|
||||
Xa71vIZi28InDAFBQehUlJnFtf0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNV
|
||||
HQ8EBAMCBaAwDQYJKoZIhvcNAQEFBQADggIBAAO0TwnQBMJvL8wbfsnTqAGCCHM4
|
||||
x1cpW+KgTmflPEliYGOn/dJYDz/dUowCgoj5mrSxjQ3G1/qL+9Y7E33h0tyw37vH
|
||||
YDL1p2Tn+fwmXRHrk+CHoPHNcImEfSIDWbbG7ehBR6erVfbQSZjmj4fwPkItp8rP
|
||||
nyUtXHOLpfFYoAxYkNP9+C8vpC9W/H1pj3rzmQFA1z+EZAKVV7vDAxbe6sun84nf
|
||||
YAaMSIzHx1B+XLHokgChmnZr3wV7EypBEmmKp4ITvJqK7WsIG9t1M6hI7OTPCURR
|
||||
mdy+DJtIoIUbZxHyIyC9nPcVJFkdBusnfXq4uMb0KMaWYCU8ESqZPySukF2qZ5KA
|
||||
acB+0ZhY+EGQ6QF/hB6iiUj96BlQ7XAPXFU6xUt6nRjDiJmb3vW1IEv0hpbs7PRl
|
||||
UMlbOwQk37rXpFqQc6ZW7lsxI2RmfkD4DOkQIGH3q5foVr+PEp0uSPWrFX62eBet
|
||||
1S4c/opVv6BcuUgilYABHTYxb45GfYwJAI9Qw2uQWT8DmhtVbcYu6GLYGlnRyaOC
|
||||
EPzc0z0KQTjhsgHWzi60IYBBh+fy+Z7w5X1rTTvhFOoU5J7kedGEqiBatIZmhF5t
|
||||
UFbT0u350ET5a0Kg83gu5aLwXdoIP9o7bp3XzLBMVNny2RX3tOHUA2HBe/p0h0OU
|
||||
Ggt3G6oD0gBe9pZI
|
||||
-----END CERTIFICATE-----
|
@ -0,0 +1,10 @@
|
||||
<!DOCTYPE suite SYSTEM "http://testng.org/testng-1.0.dtd" >
|
||||
|
||||
<suite name="iOS-MDM-Tests">
|
||||
<test name="Operatoin Bean validation tests" preserve-order="true">
|
||||
<classes>
|
||||
<class name="org.wso2.carbon.certificate.mgt.core.impl.CertificateGeneratorTestSuite"/>
|
||||
<class name="org.wso2.carbon.certificate.mgt.core.util.CommonUtil"/>
|
||||
</classes>
|
||||
</test>
|
||||
</suite>
|
Binary file not shown.
@ -0,0 +1,60 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>carbon-devicemgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>certificate-mgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<packaging>pom</packaging>
|
||||
<name>WSO2 Carbon - Certificate Management Component</name>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<modules>
|
||||
<module>org.wso2.carbon.certificate.mgt.core</module>
|
||||
</modules>
|
||||
|
||||
<build>
|
||||
<pluginManagement>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-scr-plugin</artifactId>
|
||||
<version>1.7.2</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>generate-scr-scrdescriptor</id>
|
||||
<goals>
|
||||
<goal>scr</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</pluginManagement>
|
||||
</build>
|
||||
</project>
|
@ -0,0 +1,156 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>device-mgt-feature</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>org.wso2.carbon.certificate.mgt.server.feature</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<name>WSO2 Carbon - Certificate Management Server Feature</name>
|
||||
<url>http://wso2.org</url>
|
||||
<description>This feature contains the core bundles required for back-end Certificate Management functionality
|
||||
</description>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>org.wso2.carbon.certificate.mgt.core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcpkix-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.bouncycastle.wso2</groupId>
|
||||
<artifactId>bcmail-jdk15on</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.code.jscep.wso2</groupId>
|
||||
<artifactId>jscep</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-io.wso2</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang.wso2</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-codec.wso2</groupId>
|
||||
<artifactId>commons-codec</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<version>2.6</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-resources</id>
|
||||
<phase>generate-resources</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>src/main/resources</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>resources</directory>
|
||||
<includes>
|
||||
<include>build.properties</include>
|
||||
<include>p2.inf</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.wso2.maven</groupId>
|
||||
<artifactId>carbon-p2-plugin</artifactId>
|
||||
<version>${carbon.p2.plugin.version}</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>p2-feature-generation</id>
|
||||
<phase>package</phase>
|
||||
<goals>
|
||||
<goal>p2-feature-gen</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<id>org.wso2.carbon.device.mgt.server</id>
|
||||
<propertiesFile>../../../features/etc/feature.properties</propertiesFile>
|
||||
<adviceFile>
|
||||
<properties>
|
||||
<propertyDef>org.wso2.carbon.p2.category.type:server</propertyDef>
|
||||
<propertyDef>org.eclipse.equinox.p2.type.group:false</propertyDef>
|
||||
</properties>
|
||||
</adviceFile>
|
||||
<bundles>
|
||||
<bundleDef>
|
||||
org.wso2.carbon.devicemgt:org.wso2.carbon.certificate.mgt.core:${carbon.device.mgt.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
org.bouncycastle.wso2:bcprov-jdk15on:${bcprov.wso2.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
org.bouncycastle.wso2:bcpkix-jdk15on:${bcpkix.wso2.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
org.bouncycastle.wso2:bcmail-jdk15on:${bcmail.wso2.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
com.google.code.jscep.wso2:jscep:${jscep.version}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
commons-io.wso2:commons-io:${version.commons.io}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
commons-lang.wso2:commons-lang:${version.commons.lang}
|
||||
</bundleDef>
|
||||
<bundleDef>
|
||||
commons-codec.wso2:commons-codec:${version.commons.codec}
|
||||
</bundleDef>
|
||||
</bundles>
|
||||
<importFeatures>
|
||||
<importFeatureDef>org.wso2.carbon.core.server:${carbon.kernel.version}</importFeatureDef>
|
||||
</importFeatures>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
|
@ -0,0 +1 @@
|
||||
custom = true
|
@ -0,0 +1,19 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<CertificateConfigurations>
|
||||
<CertificateKeystore>
|
||||
<!-- EMM Keystore file location-->
|
||||
<CertificateKeystoreLocation>${carbon.home}/repository/resources/security/wso2cert.jks</CertificateKeystoreLocation>
|
||||
<!-- EMM Keystore type (JKS/PKCS12 etc.)-->
|
||||
<CertificateKeystoreType>JKS</CertificateKeystoreType>
|
||||
<!-- EMM Keystore password-->
|
||||
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
|
||||
<!-- Certificate authority certificate alias -->
|
||||
<CACertAlias>cacert</CACertAlias>
|
||||
<!-- Certificate authority private key password -->
|
||||
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
|
||||
<!-- Registration authority certificate alias -->
|
||||
<RACertAlias>racert</RACertAlias>
|
||||
<!-- Registration authority private key password -->
|
||||
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
|
||||
</CertificateKeystore>
|
||||
</CertificateConfigurations>
|
@ -0,0 +1,2 @@
|
||||
instructions.configure = \
|
||||
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.certificate.mgt.server_${feature.version}/conf/certificate-config.xml,target:${installFolder}/../../conf/certificate-config.xml,overwrite:true);\
|
@ -0,0 +1,41 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
|
||||
<parent>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>carbon-devicemgt</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<relativePath>../../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.wso2.carbon.devicemgt</groupId>
|
||||
<artifactId>certificate-mgt-feature</artifactId>
|
||||
<version>0.9.2-SNAPSHOT</version>
|
||||
<packaging>pom</packaging>
|
||||
<name>WSO2 Carbon - Certificate Management Feature</name>
|
||||
<url>http://wso2.org</url>
|
||||
|
||||
<modules>
|
||||
<module>org.wso2.carbon.certificate.mgt.server.feature</module>
|
||||
</modules>
|
||||
|
||||
</project>
|
Loading…
Reference in new issue